ROLE OF AWARENESS TO PREVENT PERSONAL DISASTERS: REDUCING THE RISKS OF FALLING FOR PHISHING BY STRENGTHENING USER AWARENESS
Price
Free (open access)
Transaction
Volume
207
Pages
10
Page Range
79 - 88
Published
2022
Paper DOI
10.2495/DMAN210061
Copyright
Author(s)
BETTINA ISER, ROMAN BRANDTWEINER
Abstract
Phishing still represents a main security threat in the digital world. Attackers primarily by means of email try to gain access to user’s sensitive personal credentials. By using these credentials, attackers cause disasters on the individual level by inflicting, for example, severe economic losses or reputational damage due to identity theft. Awareness is one important factor to increase resilience. This paper based on recent literature first gives a general overview on social engineering as mean for phishing and then evaluates how awareness as preventive measure is considered effective in the selected literature. Information on phishing is one measure to raise awareness, others are trainings and phishing test campaigns to evaluate risk exposure and increase awareness. With regards on information sharing a case study, focusing on portals and homepages of selected Austrian financial institutions was conducted. In this case, study we emphasis on content and eventual differences in the presentation of information concerning prevention and mitigation.
Keywords
disaster prevention and mitigation, social engineering, phishing, risk awareness, security management